I wanted to ask what the reasoning is behind this inconsistency. Maybe I just misunderstood something.

@jkowalski sorry for pinging you here. let me know if it is better to start a topic on the forum instead.

Here's is what I have figured out so far.

For the server component, there are 2 users and there is also the repository password that was used to create the repository on the server (no username).

When starting the server, the following env vars are used:

see kopia server start --help

When doing a server refresh, the server control password is needed, but the env var used is the one for the server password:

see kopia server refresh --help

This is clearly an inconsistency and extremly confusing. But maybe I am missing something.

I remember having some kind of confusion regarding that which is probably why I have a specific line saying "Add --server-username and --server-password for access to web UI." KOPIA_WEBUI_PASSWORD and --webui-password would have been more clear.

IMO, all the names are a bit off. e.g. KOPIA_PASSWORD is used for the repository password. afaik this password is only used when creating a repo and changing the password of the repo (this password is used to do the encryption). Thus this should be called KOPIA_REPOSITORY_PASSWORD

Then the KOPIA_SERVER_* passwords are actually credentials that are used when using a client to authehticate against the server. These are the ones that were created when doing server users add. Since these credentials are needed when doing all the snapshort operations, they should have been called KOPIA_USER and KOPIA_PASSWORD.

And last but not least we have user and password credentials that are used for administering the server (--server-control*). So these should have the name SERVER or CONTROL or ADMIN in the name (and the env vars should be consistent).

Kopia is still 0.y.z thus according to semver, breaking changes can still be done w/o having to raise the major version.

IMO this could need a serious cleanup to make it consistent and more logical.